Docker Has Arrived, But Has Your Ship Really Come In?

November 21, 2014

By Baruch Sadogursky

SHARE:

In many ways it has. Docker has emerged as the “King of Containers” with more and more enterprises adopting Docker technology to run applications in data centers, on IT infrastructure and developer laptops alike. Docker’s decoupling of applications from their environments has effectively revolutionized how software is run.

However, as with any (relatively) new technology, there is still much to be done. One of the biggest concerns with Docker, the one that is impeding its large scale adoption on enterprise platforms, is the runtime security of Docker containers. But there’s another aspect of security that is receiving less attention, but is no less important – the Docker registries on which images are stored. These are generally public, so anyone can download anything. Even though DockerHub does offer private registries, enterprises are still not quite ready to upload their IP to the cloud – whether it’s Docker images or applications.

There are number of tools that provide you with locally installed “registry”, starting with the Docker Registry itself, which can be downloaded and installed locally. And number of disadvantages with this approach:

Local Docker registry (download from Docker, install and maintain), local RubyGems service (download from RubyGems, install and maintain), local npm registry (same here), local pypiserver… You got the idea. You have to run and babysit half-a-dozen servers to provide similar local-server functionality for your development stack. And of course, they do not integrate between themselves. Anticipate the joy of managing users in each and every one of them separately?

Features, features, features. When every technology stack tries to re-invent the wheel in the non-core business, the product is mediocre, at best. How about advanced permission schemes? Integration with existing A&A infrastructure? Promotion pipelines? De-duplicated, append-only one-time storage? And I just got started.

I have three words for you: Binary Repository Manager. A mature Binary Repository Manager can maintain the local repositories for you, for all major software types. A local repository, as the name suggests, is a physical locally managed repository where you will store your internal binaries. It is one of the most basic features of this kind of tool, but behind that down-to-earth simplicity, it is a multifunctional private and secure registry/repository that can manage files/images/packages of virtually every format in common use. Not only are your binary files securely stored within your organization, you have fine-grained control over who can access what:

Docker Artifactory Integration

And yes, you can define as many local repositories as you like – one for each software technology you’re using and more. So if you’re looking to “containerize”, a Binary Repository Manager is the tugboat that will pull your ship into port. You get secure, private Docker registries for your images as well as a host of other features that any modern organization doing software development, shouldn’t live without.